[syslog-ng] rewrite error
operacoes - mls wireless
opertec at mls.com.br
Fri Oct 2 22:23:29 UTC 2020
Hello there,
I am runing syslog-ng 3.2.5 on a centos 6.10 server, the log server.
Here we have 30 clients sending log via rsyslog to the log server. At
the log server each one of them have its own log according to the host
name. This operation works just fine. Now my manager ask me to remove
some parts of the log, so the final log size will be smaller. At the log
server I tried use rewrite and unset to suppress some parts of the log
but it does not work, with the error : Plugin module not found in
'module-path'; module-path='/lib64/syslog-ng', module='rewrite'
This is the config on log server for each one of the clients.
filter f_client_serv01 { host( "client_serv01" ); };
destination d_client_serv01 { file("/var/log/client_serv01.log"
perm(0644) owner(root) group(root) ); };
log { source(s_net); filter(f_client_serv01);
destination(d_client_serv01); };
This is the log
Oct 2 19:07:04 client_serv01 kernel: IN=rdc1 OUT=
MAC=00:50:da:6f:0a:54:ec:08:6b:7f:d5:cb:08:00 SRC=10.1.16.35
DST=xxx.xxx.xxx.xxx LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=27903 DF
PROTO=TCP SPT=40917 DPT=443 WINDOW=65535 RES=0x00 SYN URGP=0
rewrite r_rewrite_unset{
unset(value("WINDOW"));
};
rewrite r_rewrite_subst{
subst("WINDOW", " ", value("MESSAGE"), flags("global"));
};
Does anyone have a tip to try to solve this?
Thanks for help.
Have a nice day!
--
Para contato ou solicitações utilize nosso canal de atendimento via
Suporte Técnico através
de nossa central 24H via tel.:(21) 2538-8400 ou através do email:
suporte at mls.com.br
Atenciosamente,
*João Tiago Braz*| Aux. Sistemas Operação
21 2538-8400 | 21 3923-5000
operacoes at mls.com.br
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.balabit.hu/pipermail/syslog-ng/attachments/20201002/955846dd/attachment.html>
More information about the syslog-ng
mailing list